Civil Monetary Penalties

For a period of over 3 years, GE appears to have violated the Cuban Assets Control Regulations (CACR) 289 times, resulting in a settlement of $2,718,581, as opposed to a base penalty of $3,377,119 and a maximum statutory penalty of $17,785,000.

This is what happened:

Specifically, between December 2010 and February 2014, the GE Companies appear to have violated § 515.201(b) of the CACR on 289 occasions by accepting payment from The Cobalt Refinery Company (“Cobalt”) for goods and services provided to a Canadian customer of GE.

Since June 1995, Cobalt had been identified as a specially designated national (SDN) of Cuba and appeared on OFAC’s List of Specially Designated Nationals and Blocked Persons (the “SDN List”). Publicly available information also demonstrated that GE’s former Canadian customer is a corporation with strong historic and then-current economic ties to the Cuban mining industry through its business partnerships and joint ventures with the Cuban government. Cobalt is one of three entities owned by a public joint venture between GE’s Canadian customer and the Cuban government. From at least 1996 until the GE Companies terminated their relationship with their Canadian customer, the GE Companies maintained — and renewed on at least 18 occasions — this customer relationship despite the obvious sanctions risk posed by the relationship.

On February 24, 2014, GE Working Capital Solutions discovered that from at least 2010 to 2014, the GE Companies received numerous payments directly from Cobalt for invoices issued to GE’s Canadian customer. While the GE Companies negotiated and entered into contracts with GE’s Canadian customer, and sent all of their invoices to GE’s Canadian customer, Cobalt paid the GE Companies for its goods and services in more than 65 percent of the total transactions. The GE Companies approved Cobalt as a third-party payer and, over a four-year period, failed to appropriately recognize the significant and widely published relationship between Cobalt and their Canadian customer and did not undertake sufficient diligence into their customer’s activities. The GE Companies deposited all checks received from Cobalt into GE’s bank account at a Canadian financial institution. The checks contained Cobalt’s full legal entity name as it appears on OFAC’s SDN List as well as an acronym for Cobalt (“Corefco”), but the GE Companies’ sanctions screening software, which screened only the abbreviation of the SDN’s name, never alerted on Cobalt’s name.

In total, the GE Companies received 289 checks directly from Cobalt from on or about December 9, 2010 to on or about February 28, 2014 totaling approximately $8,018,615. Additionally, goods and services the GE Companies provided to its Canadian customer were, in turn, used to supply utility services and other benefits to Cobalt, which is co-located with GE’s Canadian customer.

And how OFAC ended up at the final figure:

OFAC determined the following to be aggravating factors:

  1. The GE Companies failed to take proper or reasonable care with respect to their U.S. economic sanctions obligations — particularly given GE’s commercial sophistication. GE failed to identify that (i) for at least four years it was receiving payments that were on their face from a SDN of Cuba that has been on the SDN List since 1995, and (ii) it was providing goods and services to a customer that provides a direct and indirect benefit to a facility owned and operated by that designated Cuban company;
  2. The GE Companies’ actions caused substantial harm to the objectives of the Cuba sanctions program by conducting a large volume of high-value transactions directly with a Cuban company on the SDN List over a period of many years; and
  3. The substance of GE’s disclosures and other communications with OFAC leave substantial uncertainty about the totality of the benefits conferred to a Cuban company on the SDN List by the GE Companies through their Canadian customer, which had substantial and public ties to Cuba and the Cuban mining industry. While OFAC considered certain jurisdictional limitations on GE’s ability to provide a full picture of the scope of work performed at the request of its Canadian customer, at all relevant times, GE had reason to know of its customer’s specific and longstanding relationship with Cobalt. GE should have treated its Canadian customer as higher risk due to the customer’s publicly known joint venture with Cuba and substantial reliance on Cuban-origin ore. Finally, despite the provision to GE of OFAC’s Office of Enforcement Data Delivery Standards, GE did not provide its primary submissions to OFAC in a clear and organized manner and the submissions contained numerous inaccuracies, placing a substantial resource burden on OFAC during the course of its investigation.

OFAC determined the following to be mitigating factors:

  1. None of the GE Companies has received a penalty notice or Finding of Violation from OFAC in the five years preceding the date of the earliest transaction giving rise to the alleged violations;
  2. GE identified the alleged violations by testing and auditing its compliance program. Additionally, GE implemented remedial measures and new processes to enhance its sanctions compliance procedures, including developing a training video for all company employees using the alleged violations as a case study; and
  3. GE cooperated with OFAC by executing and extending multiple statute of limitations tolling agreements.

And the lesson to be learned from all of this:

This enforcement action highlights the sanctions risks to U.S. companies and their foreign subsidiaries associated with (i) accepting payments from third parties and (ii) conducting transactions in foreign currency or at a foreign financial institution. Additionally, this action demonstrates the importance of conducting appropriate due diligence on customers and other counter-parties when initiating and renewing customer relationships. Ongoing compliance measures should be taken throughout the life of commercial relationships.

As noted in OFAC’s Framework for Compliance Commitments, U.S. companies can mitigate sanctions risk by conducting risk assessments and exercising caution when doing business with entities that are affiliated with, or known to transact with, OFAC-sanctioned persons or jurisdictions, or that otherwise pose high risks due to their joint ventures, affiliates, subsidiaries, customers, suppliers, geographic location, or the products and services they offer.


OFAC Enforcement Information

This is the fun part – right up front:

British Arab Commercial Bank plc Settles Potential Liability for Apparent Violations of the Sudanese Sanctions Regulations: British Arab Commercial Bank plc (BACB), a commercial bank located in London, the United Kingdom (UK), with no offices, business or presence under U.S jurisdiction, processed 72 apparent violations of the Sudanese Sanctions Regulations (SSR) (previously found at 31 C.F.R. Part 538) totaling $190,700,000. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has determined that BACB did not make a voluntary self- disclosure of the apparent violations, and that these apparent violations constitute an egregious case. The total base penalty amount for the apparent violations was $381,400,000. In consultation with BACB’s domestic regulator, the United Kingdom’s Prudential Regulation Authority, OFAC determined that the Bank’s operating capacity was such that it would face disproportionate impact if required to pay the proposed penalty of $228,840,000. As a result, and in view of BACB’s operating capacity, the fact that it has represented that it ceased the conduct described below, its entering into a settlement agreement, and its maintenance of the compliance commitments articulated in the settlement agreement, BACB will remit $4,000,000 to settle these potential violations and its obligations to pay OFAC the remainder of the proposed penalty amount shall be suspended

What they did was pretty ingenious, actually – they made USD payments to Sudan out of a nostril account of an unnamed bank, but funded that account in a separate transaction. So, the actual payments didn’t go through the US financial system, even though they involved funds that emanated there.


Enforcement Information


The U.S. Department of State has concluded an administrative settlement with L3Harris Technologies, Inc. (L3Harris) of Melbourne, Florida, to resolve alleged violations of the Arms Export Control Act (AECA), 22 U.S.C. § 2751 et seq., and the International Traffic in Arms Regulations (ITAR), 22 C.F.R. Parts 120-130.  The Department of State and L3Harris have reached this settlement following an extensive compliance review by the Office of Defense Trade Controls Compliance in the Department’s Bureau of Political-Military Affairs.

The Department of State and L3Harris have reached an agreement pursuant to ITAR § 128.11 to address alleged unauthorized exports of defense articles, including technical data involving radios; providing a false statement regarding the promised payment of a commission; violating provisos, terms, and conditions of authorizations; and failing to properly manage temporary export licenses.

The settlement demonstrates the Department’s role in strengthening U.S. industry by protecting U.S.-origin defense articles, including technical data from unauthorized exports.  The settlement also highlights the importance of obtaining appropriate authorization from the Department for exporting controlled articles.

Under the terms of the 36-month Consent Agreement, L3Harris will pay a civil penalty of $13 million.  The Department has agreed to suspend $6.5 million of this amount on the condition that the funds have or will be used for Department-approved Consent Agreement remedial compliance measures.  In addition, an external Special Compliance Officer will be engaged by L3Harris to oversee the Consent Agreement, which will also require the company to conduct two external audits of its compliance program during the Agreement term as well as implement additional compliance measures.

L3Harris voluntarily disclosed to the Department the majority of the alleged AECA and ITAR violations, which are resolved under this settlement.  L3Harris also acknowledged the serious nature of the alleged violations, cooperated with the Department’s review, and instituted a number of compliance program improvements during the course of the Department’s review.  For these reasons, the Department has determined that it is not appropriate to administratively debar L3Harris at this time.

The Consent Agreement and related documents will be available for public inspection in the Public Reading Room of the Department of State and on the Penalties and Oversights Agreements section of the Directorate of Defense Trade Controls’ website.

For additional information, please contact the Bureau of Political-Military Affairs’ Office of Congressional and Public Affairs at


State Department Press Release

This one’s pretty cut and dried… a $343,315 fine for accepting the business of collecting the $5,730,680.33 debt from a company on the SDN List, and for actually successfully collecting $4,043,174.25 of it. The company did not voluntarily self-report, but the two violations were considered a non-egregious case. The resulting settlement was reduced from the $590,282 base penalty.

Here is what OFAC considered in its investigation:

The following were considered aggravating factors:

  • ATCI did not undertake any meaningful analysis or otherwise seek confirmation from OFAC that assignment of the SDN’s debt and acceptance of payment from the Soho Mall Trust was permissible under existing authorizations; and
  • ATCI is a subsidiary of a sophisticated global trade credit insurance and collections conglomerate.

The following were considered mitigating factors:

  • ATCI has not received a penalty notice or Finding of Violation from OFAC in the five years preceding the earliest date of the transactions giving rise to the Apparent Violations; and
  • ATCI voluntarily conducted a full internal review of the underlying facts and circumstances, provided documents from its internal review to OFAC in the course of the investigation, and took voluntary remedial action to address the cause of the Apparent Violations. ATCI also agreed to undertake certain compliance commitments to ensure that its OFAC sanctions compliance program remains strong over the next several years.

and the lesson we should learn:

This enforcement action draws particular attention to transactions related to the assignment of an SDN’s debt and highlights the importance of obtaining a specific license before engaging in activity that is not otherwise authorized.

One curious thing is that ATCI didn’t get credit for the fact that the debt collection may have been licensable: the SDN was in liquidation when ATCI took on the assignment. I know that OFAC has mentioned “could have been licensed” in other cases.

Also interesting is OFAC’s focus on some of these smaller cases. It used to be that the focus was on larger and more egregious patterns of behavior. When you really get down to it, this was a single transaction they got whacked for – maybe because they were a sub of a large firm, they got penalized just to make a point?


Enforcement Information

The firm, which is in the truck business, agreed to a $1,709,325 settlement for 63 apparent violations of the Iranian Transactions and Sanctions Regulations (ITSR), which were voluntarily self-disclosed and non-egregious violations. The base penalty is therefore $2,713,214 for selling $5,426,428 worth of products. The violations occurred between October 2013 and February 2015.

Here’s the “what” of what happened:

In June and October 2014, a DAF dealer based in Hamburg, Germany, placed two orders with DAF via its wholly owned subsidiary in Germany (“DAF Germany”) for 51 trucks. Even though the final paperwork associated with these transactions identified the ultimate end-customer as an unnamed party in Russia, the Hamburg-based dealer resold the trucks to a buyer in Iran. A former employee/manager of DAF Germany had, at a minimum, reason to know that the trucks were intended for Iran rather than for Russia. The Hamburg-based dealer initially requested a price quotation from, and then placed an order with, DAF Germany for trucks with particular specifications for an Iranian company located in Iran. The then-employee/manager of DAF Germany informed the Hamburg-based dealer that DAF Germany could not sell trucks destined for Iran. That same day, the Hamburg-based dealer submitted a pricing request for a new order of trucks purportedly destined for a customer or end-user in Russia with virtually identical specifications as the earlier order intended for Iran. Although the new pricing request was submitted on the same day on which DAF Germany refused the Iran-related purchase order and the proposed purchase involved the same types of trucks, with the same specifications, and the same delivery point as those included in the Iran-related purchase order, DAF Germany — including the former employee/manager — failed to conduct an adequate inquiry and processed the order.

Separately, DAF Trucks Frankfurt, a directly owned DAF dealer, received two trucks from DAF in October 2013 that were intended for resale to a company in Germany. After the original buyer cancelled the order, DAF Trucks Frankfurt sold the two trucks to a trader based in the Netherlands, which in turn resold the trucks to two buyers in Iran. DAF’s investigation showed that an employee of DAF Trucks Frankfurt knew or had reason to know that the two trucks sold to the Netherlands-based trader were intended for resale to buyers in Iran. Among other things, the Netherlands-based trader sent drafts of its invoices, which referenced the buyers in Iran, to a DAF Trucks Frankfurt employee.

Additionally, in June 2014, DAF sold 10 trucks to an authorized DAF sales dealer located in Sofia, Bulgaria. The Bulgarian authorized dealer subsequently sold and delivered the 10 DAF trucks to an affiliated rental company, which in turn sold the 10 trucks to a buyer in Iran. The Bulgarian authorized dealer’s parent company disclosed that a used truck sales manager employed by DAF introduced that authorized dealer to the Iranian buyers of the 10 trucks and knew or should have known that the trucks were intended for Iran prior to introducing the parties. A DAF investigation found that the sales manager ignored warning signs indicating the trucks were destined for Iran and failed to take reasonable steps in response to the warnings.

And OFAC considered the following factors in determining the penalty:

OFAC considered the following to be aggravating factors:

  1. DAF personnel — specifically, employees in DAF Germany and DAF Trucks Frankfurt and a DAF used trucks sales manager — failed to exercise a minimal degree of caution or care when they ignored warning signs regarding potential sales involving OFAC-sanctioned countries and allowed goods to be sold to customers that they knew or had reason to know intended to re-sell the goods to buyers in Iran;
  2. in each case, a DAF employee had knowledge or reason to know the goods were being re-sold to buyers in Iran;
  3. DAF’s exportation of goods from Germany to Iran conferred millions of dollars in economic benefits on Iran; and
  4. PACCAR, DAF’s parent company, is a large sophisticated entity that engages extensively in international business.

OFAC considered the following to be mitigating factors:

  1. neither PACCAR nor DAF have received a penalty notice or Finding of Violation from OFAC in the five years preceding the earliest date of the transactions giving rise to the apparent violations;
  2. at the time of the apparent violations, DAF possessed and maintained a trade sanctions compliance program that included contractual prohibitions on dealers and service partners re-selling DAF products in violation of U.S. trade sanctions;
  3. upon learning of the apparent violations, DAF took remedial action by conducting an internal investigation regarding this matter; terminating employees involved in some of the apparent violations; cancelling delivery of 20 trucks that were part of an order for a customer that appeared to have allowed other DAF trucks to be resold to buyers in Iran; providing in-person compliance training to DAF subsidiaries on an annual basis from 2015 onward; and implementing enhanced trade compliance controls — including a policy preventing direct sales agreements except for sales to final end customers — in an effort to prevent similar apparent violations from recurring; and
  4. PACCAR and DAF cooperated during the course of OFAC’s investigation, including by submitting a detailed voluntary self- disclosure; thoroughly and promptly responding to OFAC’s requests for information and by entering into a tolling agreement to extend the statute of limitations.

Some details on PACCAR’s remedial efforts:

Additionally, PACCAR and DAF have confirmed to OFAC that they have terminated the apparently violative conduct and have taken the following steps to minimize the risk of recurrence of similar conduct in the future:

• DAF hired a full-time Compliance Director who reports to DAF’s General Counsel and Chief Compliance Officer, and is responsible for developing compliance policies and procedures, advising employees about compliance, monitoring internal reports of compliance concerns and ensuring appropriate follow-up, and assisting with compliance investigations and audits;

• DAF updated its EU Trade Restrictions Compliance Manual to strengthen controls on dealer sales that might violate U.S. or other applicable trade restrictions, including by requiring more thorough end-customer and transaction due diligence;

• DAF implemented a policy that only allows direct sales agreements for sales to final end- customers and imposed a contractual ban on the resale of new trucks acquired under a direct sales agreement in the absence of an approved exception;

• DAF sent a letter to all dealers in its dealer network reminding them of their obligations to comply with U.S. and other trade sanctions and received certifications from each of its dealers regarding their compliance with all applicable trade sanctions; and

• DAF has made trade sanctions compliance training an annual requirement and has conducted such trainings at DAF’s headquarters and subsidiaries since 2016.

And the lesson you should learn from this:

This enforcement actions highlights the benefits U.S. companies can realize in conducting sanctions-related training and in taking appropriate steps to audit and monitor foreign subsidiaries for OFAC compliance. U.S. parent companies can mitigate risk to sanctions exposure by proactively establishing and enforcing a robust sanctions compliance program. Foreign subsidiaries of U.S. companies are subject to the ITSR, and their U.S. parent companies may face potential exposure to civil monetary penalties for the actions of such entities.


Enforcement Information

July 23, 2019
Contact: Bryan Hubbard
(202) 649-6870

OCC Issues Consent Order of Prohibition and $50,000 Civil Money Penalty Against Former General Counsel of Rabobank N.A.

WASHINGTON—The Office of the Comptroller of the Currency (OCC) today announced the issuance of a consent order of prohibition and $50,000 civil money penalty against Daniel Weiss, the former General Counsel of Rabobank, N.A., Roseville, Calif. (Bank).

The consent order prohibits Mr. Weiss from participating in the affairs of any federally insured depository institution and assesses a $50,000 civil money penalty for violations of law and unsafe or unsound practices alleged in the notice of charges (notice) issued on March 25, 2019.

The notice alleges that Daniel Weiss, as General Counsel of the Bank, participated in the continuous concealment of a third party report assessing the Bank’s Bank Secrecy Act program from the OCC in violation of 12 USC 481 and made false statements to the OCC in violation of 18 USC 1001.

On February 7, 2018, the Bank pled guilty to conspiracy to obstruct an OCC examination in violation of 18 USC 371 and 1517 in the U.S. District Court in the Southern District of California, and agreed to pay a forfeiture in the amount of $368,701,259 and a civil money penalty to the OCC in the amount of $50 million, based in part on the violation of 12 USC 481.


OCC Notice

Consent Order

Notice of Charges